On 30 Mar 2020 21:18 +0000, from moreejt@xxxxxxxxx (JT Morée): > I'm trying to see how much space my 'key' is using up within the > allocated space of the LUKS header and for import/export. That's > real meaning ;-) If that is your goal, then you really should be asking about that. In general, ask about what you want to know (while stating your ultimate goal), not what you _think_ will tell you the answer to what you _actually_ want to know. Asking about something other than what you actually want to know is liable to get you the wrong answer (or at least a useless one), and likely to waste peoples' time. That helps noone. Also, for LUKS, it's not as easy as just taking the cryptographic key length, because the cryptographic key isn't stored directly, even encrypted. Rather, the key is stretched on-disk (via the "AF" or anti-forensic stripes), in part to make it easier to overwrite enough key material to make recovery via an exhaustive search guided by the remaining on-disk data impractical. That forces an attacker to either attack the passphrase (via the iterated, salted hash) or the randomly-selected bulk encryption key directly. If you choose a good passphrase and/or set a high enough iteration count, both can be made equally impractical. -- Michael Kjörling • https://michael.kjorling.se • michael@xxxxxxxxxxx “Remember when, on the Internet, nobody cared that you were a dog?” _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx https://www.saout.de/mailman/listinfo/dm-crypt
